Page 31 - 《软件学报》2024年第6期

P. 31

陈金宝等: DBI-Go: 动态插桩定位 Go 二进制的非法内存引用 2607

[45] Patil H, Pereira C, Stallcup M, Lueck G, Cownie J. PinPlay: A framework for deterministic replay and reproducible analysis of parallel
programs. In: Proc. of the 8th Annual IEEE/ACM Int’l Symp. on Code Generation and Optimization. Toronto: ACM, 2010. 2–11. [doi:
10.1145/1772954.1772958]
[46] Brumley D, Newsome J, Song D, Wang H, Jha S. Towards automatic generation of vulnerability-based signatures. In: Proc. of the 2006
IEEE Symp. on Security and Privacy. Berkeley: IEEE, 2006. 15–16. [doi: 10.1109/SP.2006.41]
[47] Lin ZQ, Jiang XX, Xu DY, Zhang XY. Automatic protocol format reverse engineering through context-aware monitored execution. In:
Proc. of the 15th Symp. on Network and Distributed System Security. San Diego: NDSS, 2008. 1–15.
[48] Narayanasamy S, Pokam G, Calder B. Bugnet: Continuously recording program execution for deterministic replay debugging. In: Proc. of
the 32nd Int’l Symp. on Computer Architecture. Madison: IEEE, 2005. 284–295. [doi: 10.1109/ISCA.2005.16]
[49] Clarke E, Kroening D, Lerda F. A tool for checking ANSI-C programs. In: Proc. of the 10th Int’l Conf. on Tools and Algorithms for the
Construction and Analysis of Systems. Barcelona: Springer, 2004. 168–176. [doi: 10.1007/978-3-540-24730-2_15]
[50] Sen K, Marinov D, Agha G. CUTE: A concolic unit testing engine for C. ACM SIGSOFT Software Engineering Notes, 2005, 30(5):
263–272. [doi: 10.1145/1095430.1081750]
[51] Cadar C, Ganesh V, Pawlowski PM, Dill DL, Engler DR. EXE: Automatically generating inputs of death. ACM Trans. on Information
and System Security, 2008, 12(2): 10. [doi: 10.1145/1455518.1455522]
[52] Cadar C, Dunbar D, Engler DR. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In:
杰出会员, 主
Proc. of the 8th USENIX Conf. on Operating Systems Design and Implementation. San Diego: USENIX Association, 2008. 209–224.
[doi: 10.5555/1855741.1855756]
[53] Go. Go 1.18 release notes. 2022. https://tip.golang.org/doc/go1.18#go-command
[54] Stepanov E, Serebryany K. MemorySanitizer: Fast detector of uninitialized memory use in C++. In: Proc. of the 2015 IEEE/ACM Int’l
Symp. on Code Generation and Optimization. San Francisco: IEEE, 2015. 46–55. [doi: 10.1109/CGO.2015.7054186]
[55] Serebryany K, Iskhodzhanov T. ThreadSanitizer: Data race detection in practice. In: Proc. of the 2009 Workshop on Binary Instrumentation
and Applications. New York: ACM, 2009. 62–71. [doi: 10.1145/1791194.1791203]
[56] Duck GJ, Yap RHC. EffectiveSan: Type and memory error detection using dynamically typed C/C++. ACM SIGPLAN Notices, 2018,
53(4): 181–195. [doi: 10.1145/3296979.3192388]
[57] Berger ED, Zorn BG. DieHard: Probabilistic memory safety for unsafe languages. ACM SIGPLAN Notices, 2006, 41(6): 158–168. [doi:
10.1145/1133255.1134000]
[58] Nagarakatte S, Zhao JZ, Martin MMK, Zdancewic S. SoftBound: Highly compatible and complete spatial memory safety for C. ACM
SIGPLAN Notices, 2009, 44(6): 245–258. [doi: 10.1145/1543135.1542504]
[59] Wang Y, Qiao L, Xu C, Liu YP, Cheung SC, Meng N, Yu H, Zhu ZL. Hero: On the chaos when PATH meets modules. In: Proc. of the
43rd IEEE/ACM Int’l Conf. on Software Engineering. Madrid: IEEE, 2021. 99–111. [doi: 10.1109/ICSE43902.2021.00022]
[60] Li WQ, Jia SJ, Liu LM, Zheng FY, Ma Y, Lin JQ. CryptoGo: Automatic detection of Go cryptographic API misuses. In: Proc. of the 38th
Annual Computer Security Applications Conf. Austin: ACM, 2022. 318–331. [doi: 10.1145/3564625.3567989]
[61] Vyukov D. Go escape analysis flaws. 2015. https://docs.google.com/document/d/1CxgUBPlx9iJzkz9JWkb6tIpTe5q32QDmz8l0BouG0Cw

陈金宝(1999－), 男, 硕士生, 主要研究领域为现李清伟(2001－), 男, 硕士生, 主要研究领域为程
代语言编译和运行时系统, 软件安全. 序语言运行时, 程序分析.

张昱(1972－), 女, 博士, 教授, CCF 丁伯尧(1999－), 男, 博士生, CCF 学生会员, 主
要研究领域为面向新兴计算的编程系统, 软件分要研究领域为面向内存安全的程序分析, 多语言
析与系统优化, 智能计算, 数据计算, 量子计算. 程序交互与适配, 现代语言编译和运行时系统.

26 27 28 29 30 31 32 33 34 35 36